# From Fake Google Ads in 2023 to Eleven Million Files on the Dark Web in 2026: How Nitrogen Walked Through Foxconn Wisconsin and Walked Out With Apple, NVIDIA, Google, and Intel's Blueprints.
- Patrick Duggan
- 19 hours ago
- 6 min read
On May 1, 2026, at about 3:30 AM Central time, the lights stayed on at Foxconn's Mount Pleasant, Wisconsin facility but the network did not. Third-shift workers stopped production because the computers stopped responding. First-shift workers arrived at 7 AM to find no Wi-Fi, no timecards, and managers who sent them home by 11 AM. Production stayed down through May 4. Workers filled paper timesheets for the rest of the week.
Ten days later, on May 11, a ransomware operator calling itself Nitrogen added Foxconn to its dark web victim leak site and claimed eight terabytes of stolen data. Over eleven million files. Including, per the leak post, hardware schematics for Apple, NVIDIA, and Dell products Foxconn manufactures under contract, plus data center topology diagrams for Google and Intel.
The math is the story. Foxconn lost the breach. Apple, NVIDIA, Dell, Google, and Intel lost the data. That's the asymmetry — Foxconn is the contract manufacturer that holds its customers' product designs. When the manufacturer gets breached, the customers' intellectual property gets sold.
This post is the attack chain explained for readers who don't speak fluent CISA-advisory. How Nitrogen got there. Why Wisconsin specifically. And what defenders looking at their own contract manufacturers should be doing this week.
## Nitrogen — what it is and how it got here
Nitrogen is not new. Sophos's X-Ops research team first profiled the group in mid-2023, when it was running something called a malvertising operation. Malvertising is exactly what it sounds like — buying ads on legitimate ad networks like Google and Bing, but pointing those ads at fake software downloads.
The pattern looked like this. A system administrator at a mid-sized company would search Google for a free utility — Notepad++, a port scanner, a remote desktop tool, something boring. The first result would be a Google ad. The ad would point to a domain that looked like the official software vendor but wasn't. Click the ad, download the installer, install the tool — and the installer would also drop a piece of malware called a loader onto the administrator's workstation.
That loader is the foothold. It calls home to a command-and-control server, downloads additional tools, gives the attacker remote control of the workstation. From a sysadmin's workstation, the attacker is now inside the company's network, with the credentials and access of an IT professional. The rest of the attack — lateral movement, privilege escalation, data theft, ransomware deployment — happens over days or weeks.
Three years later, in 2026, Nitrogen has graduated. It is no longer just a malvertising crew. It runs full double-extortion ransomware operations: steal the data first, encrypt the systems second, demand payment to decrypt AND payment to keep the stolen data off the dark web. The attack on Foxconn Wisconsin is the latest example.
We don't yet know whether the initial vector at Foxconn was the malvertising playbook or something else — phishing, a compromised third-party vendor, an exposed remote-access portal. The technical indicators have not been publicly released. But the playbook from there is the part defenders should focus on.
## The attack chain, as best we can read it
The breach was discovered on May 1. The data exfiltration claim says eight terabytes. To exfiltrate eight terabytes from a manufacturing facility takes time — days of background traffic that doesn't trip alarms. Working backward from May 1, the attackers were likely inside Foxconn's network for at least several weeks before the encryption phase. Possibly months.
Here is the canonical Nitrogen-shaped attack chain, applied to what we know about Foxconn:
Initial access. A workstation or external-facing service is compromised. For Nitrogen historically, this is a sysadmin's machine via a fake software ad. Could also be a phishing email with a malicious attachment, a leaked credential reused on an exposed service, or a supply-chain compromise through a third-party vendor.
Persistence. The attacker establishes a foothold that survives reboots. Typically a scheduled task, a service, or a registry run key that loads the loader on every boot.
Privilege escalation. Move from a regular user account to an administrator account on the local workstation. Then move from local administrator to a domain account that has rights elsewhere on the network. This is where credential theft tools come in — Mimikatz, LSASS dumps, all the canonical Windows-internals tradecraft.
Lateral movement. Use the elevated credentials to reach interesting systems. For a manufacturer, "interesting" means Product Lifecycle Management systems — those are the databases that hold every product design, bill of materials, supplier relationship, and assembly instruction. PLM is the crown jewels for a contract manufacturer.
Data exfiltration. Copy the interesting data out to attacker-controlled infrastructure. Eight terabytes is a lot, but it's not enormous on modern bandwidth — a sustained 100 megabit upload can move that in less than a week. Spread across multiple weeks, it would be hard for a defender to distinguish from normal manufacturing data traffic.
Encryption and extortion. Once the data is out, deploy the ransomware to encrypt the remaining systems. Knock production offline. Demand payment for the decryption key AND for keeping the stolen data private. This is the double-extortion model — the encryption is the noisy part; the data theft is the leverage.
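The exfiltration step above is the one most detection programs miss: the daily volume is unremarkable and only the multi-week total gives it away. The following is an added example, not tooling from the post or from Foxconn; the hosts, addresses and flow records are constructed, and the thresholds are assumptions a defender would tune to their own baseline.

```python
"""Added example: a per-day egress cap misses low-and-slow exfiltration
that a cumulative, sustained-over-many-days check catches."""
from collections import defaultdict
import ipaddress

GB = 10**9

# Constructed flow records: (day, src_host, dst_ip, bytes_out). All hostnames
# and addresses are hypothetical.
FLOWS = [
    # eng-ws-07: ~40 GB/day to one external address, six days running.
    (1, "eng-ws-07", "203.0.113.10", 40 * GB),
    (2, "eng-ws-07", "203.0.113.10", 41 * GB),
    (3, "eng-ws-07", "203.0.113.10", 39 * GB),
    (4, "eng-ws-07", "203.0.113.10", 40 * GB),
    (5, "eng-ws-07", "203.0.113.10", 42 * GB),
    (6, "eng-ws-07", "203.0.113.10", 38 * GB),
    # bkp-gw-01: one 150 GB burst (a scheduled off-site backup).
    (2, "bkp-gw-01", "198.51.100.7", 150 * GB),
    # plm-db-01: 300 GB/day of internal replication; never leaves the network.
    (1, "plm-db-01", "10.0.5.20", 300 * GB),
    (2, "plm-db-01", "10.0.5.20", 300 * GB),
    # fin-ws-02: ordinary office traffic.
    (1, "fin-ws-02", "198.51.100.7", 2 * GB),
    (4, "fin-ws-02", "198.51.100.7", 1 * GB),
]

# Assumed internal ranges; a real deployment uses the site's own address plan.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_egress(dst_ip: str) -> bool:
    addr = ipaddress.ip_address(dst_ip)
    return not any(addr in net for net in INTERNAL)

def egress_by_host_day(flows):
    """Outbound bytes leaving the internal ranges, keyed host -> day -> bytes."""
    out = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        if is_egress(dst):
            out[src][day] += nbytes
    return out

def daily_cap_alerts(flows, cap=100 * GB):
    """Classic rule: alert when any single day's egress from a host exceeds cap."""
    return sorted(h for h, d in egress_by_host_day(flows).items() if max(d.values()) > cap)

def sustained_egress_alerts(flows, total_floor=100 * GB, min_days=4):
    """Low-and-slow rule: alert when a host's egress over the period is large AND
    spread across many days, even though every single day stayed under the cap."""
    hits = {}
    for host, by_day in egress_by_host_day(flows).items():
        total = sum(by_day.values())
        if total >= total_floor and len(by_day) >= min_days:
            hits[host] = {"total_gb": total // GB, "days": len(by_day)}
    return hits
```

Run both rules over the same flows: the backup gateway trips the daily cap and the engineering workstation does not, while only the sustained rule surfaces the workstation's 240 GB spread over six days.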
## Why Wisconsin specifically
The Mount Pleasant facility has a public history that goes beyond manufacturing. In 2017, Foxconn announced a thirteen-thousand-job, ten-billion-dollar LCD panel factory in Wisconsin, with backing from then-Wisconsin-governor Scott Walker and championed by President Trump as a demonstration of American manufacturing renaissance. By 2021, the LCD plant had not been built. The site had transitioned to a smaller-scale data-center-component operation, owned by a foreign company, producing for hyperscaler customers, with a fraction of the promised jobs.
The breach lands on a facility already loaded with public narrative. The Trump-era American manufacturing promise. The bait-and-switch to a data-center-component operation. The Wisconsin taxpayer subsidies that ended up underwriting a foreign-owned operation. And now eleven million files of customer intellectual property on a Russian-speaking ransomware crew's leak site.
We do not yet have public attribution on whether Nitrogen has nation-state ties or is purely criminal. The eight terabytes of Apple/NVIDIA/Dell/Google/Intel data has both criminal and intelligence value. Criminal: sell to the highest bidder on the dark web. Intelligence: hand to a state-sponsored actor for industrial espionage downstream. The two motives are not mutually exclusive.
## What this means for defenders
Three observations for any organization that operates with a contract manufacturer in its supply chain.
Your contract manufacturer's PLM is your IP. If your hardware schematics or product designs are sitting in your contract manufacturer's Product Lifecycle Management system, that system's security posture matters as much as your own. Most procurement contracts have generic data-protection clauses; very few specify PLM segmentation, environment hardening, or breach-notification timelines for product designs specifically. Worth tightening.
External attack-surface mapping should include your suppliers. We ran a five-minute external reconnaissance on Foxconn's public domain footprint earlier today, using only Certificate Transparency logs and Shodan. We found three Product Lifecycle Management environments publicly addressable on the battery-cell subdomain (production, development, and UAT all reachable from the internet), a publicly addressable global e-procurement test environment, and an externally-discoverable Sophos firewall management interface on the Czech facility. Every one of those would have been a P1 finding on a standard attack-surface audit. Defenders inside Apple, NVIDIA, Google, Intel, or any other Foxconn customer can run the same audit against their other contract manufacturers in fifteen minutes.
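The triage step of the supplier audit described above, as an added example that is not the author's tooling: it flattens a Certificate Transparency export into distinct hostnames and flags the non-production, PLM and management-plane names that would be P1 findings. The domain, hostnames and certificate entries are constructed, and the regex heuristics are assumptions to tune to a given supplier's naming scheme.

```python
"""Added example: triage a contract manufacturer's Certificate Transparency
footprint for exposed non-production and management hosts."""
import json
import re

# Constructed sample in the shape of a crt.sh JSON export (a live query would be
# https://crt.sh/?q=%25.supplier.example&output=json). Domain is hypothetical.
CT_EXPORT = json.dumps([
    {"common_name": "www.supplier.example", "name_value": "www.supplier.example\nsupplier.example"},
    {"common_name": "plm.cells.supplier.example",
     "name_value": "plm.cells.supplier.example\nplm-dev.cells.supplier.example\nplm-uat.cells.supplier.example"},
    {"common_name": "*.supplier.example", "name_value": "*.supplier.example"},
    {"common_name": "eproc-test.supplier.example", "name_value": "eproc-test.supplier.example"},
    {"common_name": "fw-mgmt.cz.supplier.example", "name_value": "fw-mgmt.cz.supplier.example"},
    {"common_name": "www.supplier.example", "name_value": "www.supplier.example"},  # renewed cert
])

# Assumed heuristics: label -> regex matched against a whole hostname label boundary.
RISK_PATTERNS = {
    "non-production": re.compile(r"(^|[.-])(dev|test|uat|stag(e|ing)|qa|sandbox)([.-]|$)"),
    "plm": re.compile(r"(^|[.-])plm([.-]|$)"),
    "management": re.compile(r"(^|[.-])(mgmt|admin|fw|firewall|vpn|console)([.-]|$)"),
}

def hostnames_from_ct(export_json: str) -> set:
    """Flatten name_value (newline-separated SANs) into distinct lowercase hostnames,
    dropping wildcard prefixes so '*.x' and 'x' collapse to one asset."""
    names = set()
    for entry in json.loads(export_json):
        for name in entry.get("name_value", "").splitlines():
            name = name.strip().lower().lstrip("*.")
            if name:
                names.add(name)
    return names

def classify(hostnames) -> dict:
    """Map each hostname to the risk labels it matches; unlabeled hosts are omitted."""
    findings = {}
    for host in sorted(hostnames):
        labels = [label for label, rx in RISK_PATTERNS.items() if rx.search(host)]
        if labels:
            findings[host] = labels
    return findings

def audit(export_json: str) -> dict:
    return classify(hostnames_from_ct(export_json))
```

Every flagged name still needs a reachability check before it counts as a finding: CT proves a certificate was issued, not that the host answers from the internet.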
Malvertising is still the canonical initial vector for Western enterprise breaches. Despite all the attention on supply-chain attacks via package registries and AI tooling, the boring 2023-era playbook — fake Google ads for sysadmin tools, trojanized installers, workstation compromise, lateral movement — is still working in 2026. Investing in browser hardening, ad-blocking, endpoint detection on workstations, and aggressive privileged-access controls remains the cheapest defense.
## Where we sit
We did not have specific Nitrogen indicators of compromise in our index before today's breach. We never indexed Foxconn or Hon Hai infrastructure. We could not have alerted them.
We are fixing that gap. Nitrogen goes into our threat-actor catalog. Sophos X-Ops's 2023 malvertising IOC corpus goes into our index. The Tier-1 hyperscaler contract manufacturers — Foxconn, Pegatron, Wistron, Quanta, Compal, Inventec — go into our extended Aegis watch list so the next breach of one of them is at minimum mapped before the news hits.
Better luck next time is the operational reality. The eleven million files are not coming back. But the eleven million files from the next manufacturer might.
— Patrick Duggan, May 12, 2026
Her name was Renee Nicole Good.
His name was Alex Jeffery Pretti.